Enhancing & Expanding Knowledge

CRITICAL ANALYSIS OF THE LAWS AGAINST CYBER CRIMES IN INDIA

Innovation is inherent to human
nature. The human race has tried since time immemorial to keep building and
rebuilding things to make things easier for the world. Right from the invention
of the wheel ages ago, to the first telephone call by Alexander Graham Bell,
remarkable unprecedented developments have been achieved by the humanity due to
research and innovation.

With every major achievement of the
world, the society has dynamically reciprocated and has transformed
accordingly. Introduction of Telephones prompted the deployment of large-scale
telephone lines, and installation of Public-Call-Offices. People stood in lines
and waited for their turn to talk, later with subsidization and advancements
directed at making the technology feasible people got telephone connections at
their houses via telephone lines. The introduction of broadband-internet was
based on and facilitated by the existent telephone network.

The 1990s saw the Indian economy
open up and allow investments from the private players, government lax the
norms for business and permit the foreign investors to freely invest in India.
As a result of improved trade and commerce between the world at large and
India, improved technology made its way to India. Computers flooded Indian
markets with the IT-revolution and the advent of call-centers, soon enough the
early cellular phones made their way into the markets. With ubiquitous
technology available across sectors, the Indians became more and more reliant
on the innovations of the present, and started improving and tailoring
technology to suit their needs. Most of the technology got commercialized, and
overwhelmed the entire nation.

Of the various advancements brought
about in the 21st century, the most significant one by far is the
commercialization of internet, and the exponential increase in the users of the
technology that it subsequently achieved.

However, as is the case with almost
every positive development that the world has seen, adversities start showing
up almost parallel to the growth. Telephones posed a multitude of issues such
as rampant stealing of connections, tapping of phones, using telephone numbers
to organize criminal activities etc. The introduction of portability via the
cellular phones further posed a number of threats ranging from better
organization and coordination of organized crimes, widespread dissipation of
telephone numbers of innocent people to miscreants who would then utilize the
hand-held phones to stalk and threaten people.

The dawn of internet however opened
a Pandora ’s Box as, internet was way bigger than any technology ever built. It
complemented everything from banking to communications, from easing ticket
reservations to revolutionizing retail. Internet today is integrated in almost
every other technology. Cell phones, computers, cars and televisions everything
runs internet on it. Such is the reach of internet today that most of the tech
today is unimaginable without internet. No one would be willing to use a cell
phone or a computer that cannot run internet on it.

The internet today has connected
the world like never before. Every information needed by a man is literally on
his finger-tip. However, the same reach that remarks internet’s success has
been at the root of several unforeseen offences. The growth in the cyber-space
(mobile devices, processors, internet etc.) has resulted in the growth of new
offences and the increase in the magnitude and intensity of the existing
offences.

Cyber-laws concern themselves with
the various aspects of the budding cyber technology. It provides for the
regulations pertaining to the licenses, revenue and conduct relating to the
computer, internet and mobile technology. A large part of the cyber laws
however concerns itself with the menace of cyber-crime.

There is no specific definition of
cyber crimes under the IPC or the IT Act, 2000 which is the governing statute
for Information Technology in India. However, the nature of the crimes which in
common parlance comes to mean cyber-crimes extends so widely that, putting the
definition into a strait-jacket is next to impossible.

Bank frauds, forgery, data theft,
pornography etc. are some of the several common cybercrimes which plague the
society today. The researcher in the instant paper has tried to discuss the
various laws in place intended to check the rampant cyber crimes in India, and
has tried to analyze their contribution in doing so, in addition to which, the
researcher will attempt to critically analyze the legal regime around
cyber-crimes.

Laws around Cyber Crimes in India

As cyber-crimes are often carried
out against subjects which are defined and discussed under the Information
technology Act, the statute further penalises these crimes. The Indian Penal
Code is the central legislation which deals with conventional crimes in India.
As, the scope of these crimes stand expanded today in the light of the
technological revolution, a form of these crimes can easily be classified under
the ambit of cyber-crimes. Hence primarily, the cybercrimes in India are dealt
under the following two statutes.

Information Technology Act, 2000.

Indian Penal Code, 1860.

Information Technology Act, 2000

India had by the early 2000s,
identified IT as a key factor in its quest to achieve economic superiority and
overall growth. The governments at the centre and the state level incentivized
the growth of centers for IT education, basic computer skills were mandatorily
taught by the centrally affiliated schools, and an entire population was soon
equipped with primary computer skills. The investment made in the development
of the IT sector yielded the results soon enough, and the IT industry boomed in
the country. The IT industry was of a tertiary nature and assisted the
functioning of the primary and the secondary sectors of the economy, while some
professionals formed companies and had standalone operations in form of
software giants and consultancies, a major chunk of the IT- educated population
transitioned into the mainstream corporate to help with the IT requirements of
these organizations. A small population however resorted to utilizing their
proficiency in IT to certain ulterior motives. The Information Technology Act,
2000 was legislated both to cater to the growing needs of the IT community in
the country and to identify and punish the fringe elements who indulged in
misusing information technology.

Chapter 11 of the IT Act (S.65 to
S.78) details and discusses various cyber-crimes, and prescribes the punishment
for them. Herein discussed are a few common offences which have been made
punishable under the IT Act:

Tampering
with source documents: The IT Act prescribes a punishment for concealing,
destroying and altering any data which is required not to be maintained and
preserved in accordance with the law.[1]For
instance, if a disc is required as an evidence to be submitted before a court,
alteration in its contents or the production of a fabricated copy of the same
may attract a 3-year prison sentence along with a fine. [2]

Identity Theft: The concept of identity
theft refers to the act of using the electronic signature or password etc. of
an individual. The same is made liable under the Act with a 3-year prison
sentence along with a fine.[3]

Cheating
by Personation: The Act penalizes cheating by personation using a computer
source with a 3-year prison sentence and a fine.

Privacy
Violation: In wake of the acknowledgement of the fundamental right to
privacy by the Hon’ble Supreme Court of India.[4]and
the recent exposes relating to privacy violation by big MNCs like Google and
facebook, Privacy violations have taken the centre stage at various national
debates. The IT Act, 2000 prescribes a 3-year prison sentence and a fine for
the same u/s 66E.

Cyber
terrorism: The act of putting a nation’s sovereignty in danger by the use
of a computer resource is referred to as cyber terrorism. Often the use of
computer programs such as viruses etc. aids the acts of cyber-terrorists, these
acts tend to affect the lives of the people adversely and can even lead to the
death of people. The Act has dealt with cyber
terrorism very strictly and has made it punishable with life imprisonment u/s
66 F.

Transmission
of Pornographic Material: Transmission of pornographic content has been
discussed very strictly under the Act. The implications of the transmission of
pornographic content have been appreciated by the legislatures and, since the
transmission is bound to have a long term and intense adverse effect on the
lives of the victims[5]Section
67 prescribes a minimum punishment of 3-years’ worth jail-time and 5 lakhs in
fine. The punishment for a second-time offender has been set at a jail-term for
5 years and a fine of 10 lakhs.

Further, Section
67-B exclusively deals with child pornography for victims below the age of 18
years. The prescribed punishments for a first conviction in cases of child
pornography is 5-years of jail time and a fine of 10 lakh rupees, a second
conviction can land one a sentence of 7 years and an additional fine of 10 lakh
rupees.

Compensation
for failure to protect data: S. 43-A of the IT Act deals provides for
compensation in case a body corporate which handles sensitive personal data
fails to protect the same. The body corporate operating with sensitive personal
data are required under the section to adopt reasonable security practices and
procedures to prevent the loss of data failing which they will be liable to
compensate for the loss of the data.

The IT Act further
provides for the central government to issue guidelines and prescribe for
security procedures and practices to ensure that the contravention of the
various mandates of the statute does not happen.[6]
The Act also provides for the rule making power of the legislature to better
execute the enactment.

Indian Penal Code, 1860:

The amended Indian Penal Code in
light of the IT Act, 2000 includes electronic records and documents under the
ambit of records and documents. Hence, the offences pertaining to the
fabrication of the records and falsification of documents etc. extends to the
e-records and documents.

The Sections dealing with false
entry in a record or false document etc (i.e. 192, 204, 463, 464, 464, 468 to
470, 471, 474, 476 etc) have been amended by the enactment

Apart from these two legislations,
certain other legislations which govern areas that share an interface with
internet and technology do have a few provisions dealing with the culpability
of cyber threats. However, the substantial provisions of these two statutes
lays down a basic framework for the Indian law enforcement against
cyber-crimes.

Critical Analysis

Crimes are as dynamic as a society
is, with considerable growth in education and exponential upgradation of the
society’s cumulative technology, the criminals have evolved as well. New crimes
are being carried out which affect a large number of people, further the
conventional crimes are being conducted today with exceptional precision with
the help of readily available technology. As the effect of these crimes
transcend down to the common folk more often than not, cyber-crimes are now a
hot subject matter of the law. As, it is sought to rectify the wrongs
perpetrated against the society through the instrument of legislations and
their execution.

While the common cyber crimes have
been adequately dealt with under the IT Act, 2000, the legislature constantly
keeps bringing about new rules to cater to the growing corpus of the crimes.
Currently a key issue faced by the nation at large is that of ‘Data Privacy’,
herein the researcher has analyzed how the laws have emerged around the same to
accord protection to the people’s fundamental right to privacy. S.66 C of the
IT Act, 2000 penalizes Identity theft and S.66 E penalizes violation of an
individual’s privacy.

The Rules under the Information
Technology (Reasonable security practices and procedures and sensitive personal
data or information) Rules, 2011[7]
complement the existing data protection mechanism in the country.

Rule 8(1)[8]
talks about the need for the existence of reasonable security practices and
procedures. The international Standard IS/ISO/IEC 27001 on “Information
Technology – Security Techniques – Information Security Management System –
Requirements”.

In the wake of the debate around
Aadhar infringing Right to Privacy, the law pertaining to data privacy was
re-examined and on 4h May 2017, The Ministry of Information Technology,
Government of India published ‘Guidelines for Securing Identity Information and
Sensitive Personal Data or Information in compliance with AADHAR Act,2012 and
the Information Technology Act,2000’

B.N. Shrikrishna committee further analyzed
the various jurisdictions globally in light of the Right to Privacy, data
protection etc. and submitted a report which provided a basis for the recent
Right to Privacy Bill, 2017.[9]
The bill shields an individual’s right to privacy against the world at large
and attempts to establish the control of one’s personal data in their own
hands.

Conclusion

In certain ways, the unearthing of
these new age crimes tend to bring about a greater degree of awareness among
the people and the regime and helps the building of a better, more nurturing
society. Laws around the crimes have to be ever-changing as the ill-elements in
the society keep on coming up with innovative ways to carry out their malicious
acts. The instant paper helped the researcher understand the policy-making
process up close and the implications of new-age cyber-crimes on the society.
On being acquainted with relevant facts and laws, the researcher is of the
belief that the cyber-crimes can only be countered through awareness and cyber
education across the masses.

The knowledge of laws and their
applications will, in the researcher’s opinion prove to be of instrumental
value in curbing the menace of rampantly increasing new-age cyber-crimes.